Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2026/01/01 9:26 p.m.11 views

CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.8CVSS7.8AI score0.0063EPSS
Exploits1References1
NVD
NVD
added 2025/12/31 9:15 p.m.9 views

CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.8CVSS0.0063EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/31 8:48 p.m.20 views

CVE-2015-10145 Gargoyle 1.5.x Authenticated OS Command Execution via run_commands.sh

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.7CVSS0.0063EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2025/12/31 8:48 p.m.9 views

CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.8CVSS6.3AI score0.0063EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/31 8:48 p.m.3 views

CVE-2015-10145 Gargoyle 1.5.x Authenticated OS Command Execution via run_commands.sh

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.7CVSS7.4AI score0.0063EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/31 8:48 p.m.6 views

EUVD-2025-206059

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.7CVSS7.3AI score0.0063EPSS
Exploits1References7
CVE
CVE
added 2025/12/31 8:48 p.m.15 views

CVE-2015-10145

Gargoyle router management utility versions 1.5.x expose an authenticated OS command execution vulnerability in /utility/run_commands.sh due to improper validation of the commands parameter. An authenticated attacker can execute arbitrary shell commands on the device, potentially leading to full ...

8.8CVSS7.4AI score0.0063EPSS
In wildExploits1References4Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/12/31 12:0 a.m.63 views

VulnCheck KEV: CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.8CVSS6.3AI score0.0063EPSS
In wildExploits1References5
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.7 views

PT-2025-54455

Name of the Vulnerable Software and Affected Versions Gargoyle router management utility versions 1.5.x Description The application does not properly restrict or validate input provided through the commands parameter, leading to authenticated OS command execution. This occurs in the /utility/run...

8.7CVSS6.9AI score0.0063EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.6 views

Gargoyle Router Management Utility 安全漏洞

Gargoyle Router Management Utility is a third-party router firmware from Gargoyle. A security vulnerability exists in Gargoyle Router Management Utility version 1.5.x, which stems from a restricted or insufficient validation of the commands parameter input, which could allow an authenticated...

8.8CVSS6.1AI score0.0063EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3357

Malware in sbrugna...

4.8CVSS5AI score0.00302EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-10365

Malware in sbrugna...

7.5CVSS7.6AI score0.01034EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:18 p.m.7 views

CVE-2021-23270

In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a...

7.5CVSS6.7AI score0.01034EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:30 a.m.9 views

CVE-2010-3359

If LDLIBRARYPATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account...

4.8CVSS6.8AI score0.00302EPSS
Exploits0References1
Kitploit
Kitploit
added 2023/05/17 12:30 p.m.19 views

RustChain - Hide Memory Artifacts Using ROP And Hardware Breakpoints

This tool is a simple PoC of how to hide memory artifacts using a ROP chain in combination with hardware breakpoints. The ROP chain will change the main module memory page's protections to N/A while sleeping i.e. when the function Sleep is called. For more detailed information about this memory...

7.3AI score
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.4 views

SUSE CVE-2010-3359

If LDLIBRARYPATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account...

4.8CVSS6.7AI score0.00302EPSS
Exploits0References3
CNVD
CNVD
added 2021/04/13 12:0 a.m.8 views

Gargoyle OS has an unspecified vulnerability

Gargoyle OS is a Web management interface for small router devices. A security vulnerability exists in Gargoyle OS version 1.12.0 that stems from a routing loop that generates excessive network traffic between an affected device and the routers of its upstream ISP when IPv6 is used. No details of...

7.5CVSS6.9AI score0.01034EPSS
Exploits0References1
NVD
NVD
added 2021/04/12 7:15 p.m.7 views

CVE-2021-23270

In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a...

7.5CVSS0.01034EPSS
Exploits0References1
OSV
OSV
added 2021/04/12 7:15 p.m.17 views

CVE-2021-23270

In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a...

7.5CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2021/04/12 7:15 p.m.11 views

Code injection

In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a...

4.3CVSS7.4AI score0.01034EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder